Re: Brief Analysis of inj3ct0r.com

[dharm <dharm910 () gmail com>]

Yes , I totally agree with you as a simple nmap scan on the
Inj3ct0r.com shows the output with a smtp having title "WAteam" and
the title at 80 port is also same. Also , site is not working right
now.

DO NOT SUBMIT/VISIT ANY 0day Exploit at this site.

Here is the nmap scan result for the inj3ct0r

Host 8.101.120.77.colo.static.dc.volia.com (77.120.101.8) appears to
be up ... good.

Interesting ports on 8.101.120.77.colo.static.dc.volia.com (77.120.101.8):

Not shown: 985 closed ports

PORT      STATE    SERVICE      VERSION

21/tcp    open     ftp          ProFTPD 1.3.0

|_ FTP bounce check: no banner

22/tcp    open     ssh          OpenSSH 4.3p2 Debian 9etch3 (protocol 2.0)

25/tcp    open     smtp         Postfix smtpd

|_ SMTPcommands: EHLO wateam.localdomain, PIPELINING, SIZE 10240000,
VRFY, ETRN, AUTH LOGIN PLAIN, AUTH=LOGIN PLAIN, ENHANCEDSTATUSCODES,
8BITMIME, 250 DSN

53/tcp    open     domain?

80/tcp    open     http         Apache httpd 2.2.3 ((Debian))

|_ HTML title: WAteam server

110/tcp   open     pop3         Openwall popa3d

|_ POP3 Capabilites:  capa

111/tcp   filtered rpcbind

135/tcp   filtered msrpc

139/tcp   filtered netbios-ssn

445/tcp   filtered microsoft-ds

1720/tcp  filtered H.323/Q.931

1723/tcp  open     pptp         linux (Firmware: 1)

2049/tcp  filtered nfs

3306/tcp  open     mysql        MySQL 5.0.32-Debian_7etch11

|  MySQL Server Information: Protocol: 10


|  Version: 5.0.32-Debian_7etch11


|  Thread ID: 33073


|  Some Capabilities: Connect with DB, Compress, Transactions, Secure Connection


|  Status: Autocommit


|_ Salt: vh'',G`/g<53>!'BS\Tq

12345/tcp filtered netbus







On Thu, Nov 5, 2009 at 8:33 PM, Jon Kibler <Jon.Kibler () aset com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> djamel djamel wrote:
> > is there any GOOD alternative other than packet storm???
>
> Milw0rm will be back soon. See: "Milw0rm / Str0ke Not Dead" from yesterday.
>
> Jon
> - --
> Jon R. Kibler
> Chief Technical Officer
> Advanced Systems Engineering Technology, Inc.
> Charleston, SC  USA
> o: 843-849-8214
> c: 843-813-2924
> s: 843-564-4224
> s: JonRKibler
> e: Jon.Kibler () aset com
> e: Jon.R.Kibler () gmail com
> http://www.linkedin.com/in/jonrkibler
>
> My PGP Fingerprint is:
> BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkry6VUACgkQUVxQRc85QlNqOACghARpS6VnO9g8YpQRV6vg0h6u
> Zp8An1bo+XKaOoGoPA9pkYPBtbWxkR7Y
> =96wx
> -----END PGP SIGNATURE-----
>
>
>
>
> ==================================================
> Filtered by: TRUSTEM.COM's Email Filtering Service
> http://www.trustem.com/
> No Spam. No Viruses. Just Good Clean Email.
>
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------